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Intellectual Property Rights 



IPRs essential or potentially essential to the present document may have been declared to ETSI. The information 
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found 
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in 
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web 
server ( http://webapp.etsi.org/IPR/home.asp ). 

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee 
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web 
server) which are, or may be, or may become, essential to the present document. 



Foreword 

This Technical Specification (TS) has been produced by ETSI Technical Committee Telecommunications and Internet 
converged Services and Protocols for Advanced Networking (TISPAN). 
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Scope 



The present document provides the ETSI TISPAN endorsement of the 3GPP TS 29.228 "IP Multimedia (IM) 
Subsystem Cx and Dx interfaces; Signalling flows and messages contents (Release 6)" and the 3GPP TS 29.229 "IP 
Multimedia (IM) Subsystem Cx and Dx interfaces based on the DIAMETER protocol; Protocol details (Release 6)". 

The present document provides the necessary adaptations to the above specifications, in order comply with the 
requirements of NGN Release 1 . 

Additionally, the present document provides the necessary protocol extensions needed in support of HTTP Digest 
authentication (see annex A). 



References 



The following documents contain provisions which, through reference in this text, constitute provisions of the present 
document. 

• References are either specific (identified by date of publication and/or edition number or version number) or 
non-specific. 

• For a specific reference, subsequent revisions do not apply. 

• For a non-specific reference, the latest version applies. 

Referenced documents which are not found to be publicly available in the expected location might be found at 
http://docbox.etsi.org/Reference . 

[1] 3GPP TS 29.228 (V6.8.0): "3rd Generation Partnership Project; Technical Specification Group 

Core Network and Terminals; IP Multimedia (IM) Subsystem Cx and Dx interfaces; Signalling 
flows and message contents (Release 6)". 

[2] 3GPP TS 29.229 (V6.6.0): "3rd Generation Partnership Project; Technical Specification Group 

Core Network and Terminals; Cx and Dx interfaces based on the Diameter protocol; Protocol 
details (Release 6)". 

[3] draft-ietf-aaa-diameter-sip-app-10: "Diameter Session Initiation Protocol (SIP) Application". 

[4] IETF RFC 2617: "HTTP Authentication: Basic and Digest Access Authentication". 

[5] IETF RFC 3588: "Diameter Base Protocol". 



3 Abbreviations 

For the purposes of the present document, the following abbreviations apply: 

AVP Attribute-Value Pair 

CSCF Call Session Control Function 

ETSI European Telecommunication Standards Institute 

HTTP Hyper Text Transfer Protocol 

IETF Internet Engineering Task Force 

RFC Request For Comments 

S-CSCF Serving-CSCF 

SIP Session Initiation Protocol 

UPSF User Profile Server Function 
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Endorsement notice 

The elements of 3GPP TS 29.228 [1] and 3GPP TS 29.229 [2] apply, with the following modifications. 
NOTE: Underlining and/or strike-out are used to highlight detailed modifications where necessary. 

Global modifications to 3GPP TS 29.228 

Replace the clauses "Scope", "References" and "Definitions, symbols and abbreviations" with the following three 
clauses (Scope, References, and Definitions, symbols and abbreviations). 

1 Scope 

The scope is endorsed with the replacement of the "HSS" by the "UPSF". 

2 References 
Replace the references in [1] as shown below. 





Reference in [1] 


Applicability to the present document 


1 


3GPP TS 23.228: "IP Multimedia (IM) Subsystem - Stage 2 
(Release 5)". 


ETSI TS 182 006: "Telecommunications and Internet 
converged Services and Protocols for Advanced 
Networking (TISPAN); IP Multimedia Subsystem 
(IMS); Stage 2 description [3GPP TS 23.228 v7.2.0, 
modified]" (note 1). 


2 


3GPP TS 24.228: "Signalling flows for the IP multimedia call 
control based on SIP and SDP". 


(note 2). 


3 


3GPP TS 33.203: "Access security for IP-based services". 


(note 2). 


4 


3GPP TS 23.002 "Network architecture". 


ETSI ES 282 001 : "Telecommunications and Internet 
converged Services and Protocols for Advanced 
Networking (TISPAN); NGN Functional Architecture 
Release 1" (note 1). 


5 


3GPP TS 29.229: "Cx Interface based on Diameter - 
Protocol details". 


The present document (note 1). 


8 


3GPP TS 24.229: "IP Multimedia Call Control Protocol 
based on SIP and SDP" - stage 3. 


ETSI ES 283 003: "Telecommunications and Internet 
converged Services and Protocols for Advanced 
Networking (TISPAN); IP Multimedia Call Control 
Protocol based on Session Initiation Protocol (SIP) 
and Session Description Protocol (SDP) Stage 3 
[3GPP TS 24.229 (Release 7), modified]" (note 1). 


10 


3GPP TS 23.141 : "Presence Service; Architecture and 
Functional Description". 


ETSI TS 182 008: "Telecommunications and Internet 
converged Services and Protocols for Advanced 
Networking (TISPAN); Presence Service; Architecture 
and functional description [Endorsement of 3GPP 
TS 23.141 and OMA-AD-Presence SIMPLE-V1 0]" 
(note 1). 


NOTE 1 : The reference in [1] is replaced by tlie document listed on the right column. This replacement is applicable to 

all occurrences of the reference throughout the present document. 
NOTE 2: The reference in [1] contains 3GPP specific requirements and is not generally applicable to the present 

document. 



3 Definitions, symbols and abbreviations 

Endorsed with changes. 

3.1 Definitions 

Endorsed with the replacement of the "HSS" by the "UPSF". 
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3.2 Abbreviations 
Replace: 

HSS Home Subscriber Server 

By: 

UPSF User Profile Server Function 

Add the following abbreviation: 

NASS Network Attachment Subsystem 

NOTE: Throughout the present document, all occurrences of "HSS" are replaced by "UPSF". 

Modifications throughout the text of 3GPP TS 29.228 

4.0 Main concept 

Endorsed. 

5 General Architecture 
Endorsed. 

6 Procedure Descriptions 
Endorsed with changes. 

6.3 Autlnentication procedures 
Endorsed with changes. 

Modify as follows: 

This procedure is used between the S-CSCF and the HSS to exchange information to support the authentication between 
the end user and the home IMS network. The procedure is invoked by the S-CSCF, corresponds to the combination of 
the operations Cx-AV-Req and Cx-AV-Req-Resp (see 3GPP TS 33.203 [3]) and is used: 

To retrieve authentication vectors from the HSS for IMS-AKA authentication. 

To resolve synchronization failures between the sequence numbers in the UE and the HSS for IMS-AKA 
authentication. 

To promote the result of the NASS-level authentication to the IMS level. 

Table 6.3.1 is endorsed with the following addition: 

When the S-CSCF performs the operation Cx-AV-Req, if it may not know the authentication scheme at this point 
(e.g. in the non IMS-AKA cases), it can set SIP-Number-Auth-Items to any positive value. 

Table 6.3.2 is endorsed with the following change: 

When the S-CSCF performs the operation Cx-AV-Req, if it may not know the authentication scheme at this point 
(e.g. in the non IMS-AKA case), it should set the SIP-Authentication-scheme field to "unknown". Later the HSS 
changes this value based on the actual authentication scheme stored in the user authentication data. 

Table 6.3.3 is endorsed with the following clarification: 

Table 6.3.3 is applicable to IMS-AKA only. 
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Table 6.3.4 is modified as follows: 



Table 6.3.4: Authentication Request Response 



Information 
element name 


lUlappIng to 
Diameter AVP 


Cat. 


Description 


User Identity 
(See 7.2) 


Public-Identity 


C 


Public User Identity. It shall be present when the result is 
DIAMETER_SUCCESS. 


Private User 

Identity 

(See 7.3) 


User-Name 


c 


Private User Identity. It shall be present when the result is 
DIAMETER_SUCCESS. 


Number 

Authentication 

Items 

(See 7.10) 


SIP-Number- 
Auth-ltems 


c 


This AVP indicates the number of authentication vectors delivered in the 
Authentication Data information element. It shall be present when the result 
is DIAMETER_SUCCESS. 


Authentication 

Data 

(See 7.9) 


SIP-Auth-Data- 
Item 


c 


If the SIP-Number-Auth-ltems AVP is equal to zero or it is not present, then 

this AVP shall not be present. 

See Table 6.3.5 and Table 6. 3. A for the contents of this information element. 


Result 
(See 7.6) 


Result-Code / 
Experimental- 
Result 


M 


Result of the operation. 

Result-Code AVP shall be used for errors defined in the Diameter Base 

Protocol. 

Experimental-Result AVP shall be used for Cx/Dx errors. This is a grouped 

AVP which contains the 3GPP Vendor ID in the Vendor-Id AVP, and the 

error code in the Experimental-Result-Code AVP. 



Table 6.3.5 is endorsed with the following clarification: 
Table 6.3.5 is applicable to IMS-AKA only. 
Add the following table: 

Table 6.3.A: Authentication Data content - Response for NASS-Bundled Authentication 



Information 
element name 


Mapping to 
Diameter AVP 


Cat. 


Description 


Authentication 

Scheme 

(See 7.9.2) 


SIP- 

Authentication- 

Scheme 


M 


Authentication scheme. It shall contain "NASS-Bundled". 


Line Identifier 
(See 7.9.8) 


Line- Identifier 


M 


This information element contains a fixed broadband access line identifier 
associated to the user. This information element can be repeated. 



6.3.1 Detailed behavior 

Clause 6.3.1 is endorsed with the following clarifications: 

between step 2 and step 3, the HSS checks the user authentication data for the authentication scheme stored in 
HSS. 

step 4 is only applicable to authentication schemes that support synchronization. 

7 Information Element Contents 

Endorsed with changes. 

Modify subclause 7.9.2 as follows: 

7.9.2 Authentication Scheme 

This information element contains the authentication scheme, which is used to encode the authentication parameters. 
The scheme is "Digest AKAyl MD5". 
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Add the following subclause: 

7.9.8 Line Identifier 

This information element contains the line identifier of the user's network termination. 



8 
Endorsed. 

9 
Endorsed. 

10 
Endorsed. 



Error Handling procedures 



Protocol version identification 



Operational aspects 



Annex A (normative) 
Endorsed with changes. 

A.3 Cx message parameters to Diameter AVP mapping 

Table A.3.1 is endorsed with the following addition: 

Table A.3.1 : Cx message parameters to Diameter AVP mapping 



Cx parameter 


AVP Name 






Line Identifier 


Line-Identifier 



A.4 Message flows 

Endorsed with changes. 

A.4.1 Registration- user not registered 

Endorsed with the following changes: 
Figure A.4.1. 1 is appHcable to IMS-AKA. 



£75/ 



10 



ETSI TS 183 033 V1.1.1 (2006-04) 



Add the following figure: 

Visited Networl< 



Home Networl< 



UE 



P-CSCF 



CLF 



l-CSCF 



MASS Authentication & Networl< 
Attachment 



1 . Register 



Security Association required? 



14. OK 



2. CLF Query 



(IP address) 
3. CLF Response 



(Location Info) 
4. Register 



(P-Access Netwprl<-info = dsl- 
location) 



UPSF 



S-CSCF 



5. UAR 



6. UAA 



S-CSCF selection 



13. OK 



7. Register 



(P-Access Networl<-info = dsl- 

location) „ ,,,^ 

' 8. IVIAR 



User profile 
check 



9. IVIAA 
(Line-ldentifieT( 



^)) 



Compare Line- 
Identifier (s) 



10. SAR 



1 1 . SAA 



12. OK 



Figure A.4.1.1 A: Registration - user not registered (NASS-Bundled authentication) 



Annex E (normative) 
Endorsed. 

Annex F (normative) 
Endorsed. 
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Global modifications to 3GPP TS 29.229 

Replace the clauses "Scope", "References" and "Definitions, symbols and abbreviations" with the following three 
clauses (Scope, References, and Definitions, symbols and abbreviations). 

1 Scope 

The scope is endorsed with the replacement of the "HSS" by the "UPSF". 

2 References 
Replace the references in [2] as shown below. 





Reference in [2] 


Applicability to the present document 


[1] 


3GPP TS 29.228 "IP IVIultimedia (IIVI) Subsystem Cx and Dx 
interface; signalling flows and message contents". 


The present document (note 1). 


[11] 


3GPP TS 29.329 "Sh Interface based on the Diameter 
protocol; protocol details". 


ETSI TS 183 037: "Endorsement of the Sh Interface 
based on the Diameter protocol; Protocol details 
(Release 6), NGN Release 1" (note 1). 


NOTE 1 : The reference in [2] is replaced by tlie document listed on the right column. This replacement is applicable to 

all occurrences of the reference throughout the present document. 
NOTE 2: The reference in [2] contains 3GPP specific requirements and is not generally applicable to the present 

document. 



3 Definitions, symbols and abbreviations 

Endorsed with changes. 

3.1 Definitions 

Endorsed with the replacement of the "HSS" by the "UPSF". 

3.2 Abbreviations 
Replace: 

HSS Home Subscriber Server 

By: 

UPSF User Profile Server Function 

Add the following abbreviation: 

NASS Network Attachment Subsystem 

NOTE: Throughout the present document, all occurrences of "HSS" are replaced by "UPSF". 

Modifications thiroughiout thie text of 3GPP TS 29.229 



4 
Endorsed. 



General 



5 User of the Diameter Base Protocol 

Endorsed with changes. 
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5.6 Advertising Application Support 

Endorsed with the following changes: 

The HSS, S-CSCF and I-CSCF shall advertise support of the Diameter Multimedia Application by including the value 
of the application identifier (see chapter 6) in the Auth- Application-Id AVP within the Vendor-Specific- Application-Id 
grouped AVP of the Capabilities-Exchange-Request and Capabilities-Exchange-Answer commands. 

The vendor identifier values of 3GPP (10415) and ETSI (13019) shall be included in the Supported- Vendor-Id AVP of 
the Capabilities-Exchange-Request and Capabilities-Exchange- Answer commands, and in the Vendor-Id AVP within 
the Vendor-Specific-Application-Id grouped AVP of the Capabilities-Exchange-Request and Capabilities-Exchange- 
Answer commands. 

Note: The Vendor-Id AVP included in Capabilities-Exchange-Request and Capabilities-Exchange-Answer 

commands that is not included in the Vendor-Specific-Application-Id AVPs as described above shall 
indicate the manufacturer of the Diameter node as per RFC 3588 [6]. 

6 Diameter application for Cx interface 

Endorsed with changes. 



6.1 
Endorsed. 

6.2 
Endorsed. 



Command-Code values 



Result-Code AVP values 



6.3 AVPs 

Endorsed with the following changes: 

Add the following text at the end of the paragraph before Table 6.3.1: 

The Line-Identifier AVP has a Vendor-Id header set to ETSI (13019). 

Table 6.3.1 is endorsed with the following addition: 

Table 6.3.1 : Diameter Multimedia Application AVPs 











AVP Flag rules 




Attribute Name 


AVP 
Code 


Section 
defined 


Value Type 


Must 


May 


Should 
not 


Must 
not 


May Encr. 




















Line- Identifier 


500 


6.3.34 


OctetStrina 


V 






M 


No 


NOTE 1 : The AVP header bit denoted as 'M', indicates whether support of the AVP is required. The AVP header 
bit denoted as 'V, indicates whether the optional Vendor-ID field is present in the AVP header. For 
further details, see IETF RFC 3588 [6]. 

NOTE 2: Depending on the concrete command. 
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6.3.13 SIP-Auth-Data-ltem AVP 

Endorsed with the following change: 

SIP-Auth-Data-Item :: = < AVP Header : 612 10415 > 

[ SIP-Item-Number ] 

[ SIP- Authentication-Scheme ] 

[ SIP-Authenticate ] 

[ SIP-Authorization ] 

[ SIP-Authentication-Context ] 

[Confidentiality- Key] 

[Integrity-Key] 

* [Line-Identifier] 

* [AVP] 
Add the following subclause: 

6.3.34 Line-Identifier AVP 

The Line-Identifier AVP is of type OctetString. This AVP contains a fixed broadband access line identifier associated 
to the user. 

6.4 Use of namespaces 

Endorsed. 

7 Special Requirements 

7.1 Version Control 

Endorsed with changes. 
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7.1 .1 Defining a new feature 

Endorsed with the following change: 

Table 7.1.1 is endorsed with the following addition: 



Table 7.1.1 : Features of Feature-List-ID 1 used in Cx 



Feature 
bit 


Feature 


IM/O 


Description 










Tbd 


NASS BUND 
LED 





NGN extensions for NASS Bundled authentication. 
This feature is aoolicable for any command pair affected bv NGN 


extensions for NASS Bundled authentication. 
When the S-GSGF and the UPSF support this feature, both nodes are 


able to handle Cx messages with the extensions and/or modifications 


for NASS Bundled authentication. 


Tbd 


HTTP DIGES 
T MD5 





NGN extensions for HTTP Diaest authentication 


Feature bit: The order number of the bit within the Supported-Features AVP, e.g. "1 ". 
Feature: A short name that can be used to refer to the bit and to the feature, e.g. "I\/I0I\/I". 
IVI/0: Defines if the implementation of the feature is mandatory ("IVI") or optional ("0"). 
Description: A clear textual description of the feature. 



7.2 
Endorsed. 



Supported features 



7.3 
Endorsed. 



Interface versions 
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Annex ZA (informative): 

Cx additional support for HTTP Digest authentication 

This annex provides the additional Cx capabiHties needed for supporting HTTP Digest authentication over the Cx 
interface. 



ZA.1 Information elements and signalling flows for HTTP 
Digest authentication 

The authentication procedure is mapped to the commands Multimedia- Auth-Request/ Answer in the Diameter 
application. 

Tables 6.3.1 - 6.3.5 of [1] are applicable with the following exceptions: 

Table 6.3. 1 is applicable with the clarification that Table ZA. 1 . 1 provides a description of the contents of the 
Authentication Data information element; 

Table 6.3.2 and Table 6.3.3 are not applicable; 

Table 6.3.4 is applicable with the clarification that Table ZA. 1 .2 provides a description of the contents of the 
Authentication Data information element; 

Table 6.3.5 is not applicable. 

The following tables are added: 

Table ZA.1 .1 : Authentication Data content - Request 



Information 
element name 


Mapping to 

Diameter 

AVP 


Cat. 


Description 


Authentication 

Scheme 
(See 7.9.2 of [1]) 


SIP- 

Authenticatio 

n-Scheme 


M 


This information element indicates the authentication scheme. It shall 
contain "HTTP_DIGEST_MD5". 


ETSI- 

Authorization 

Information (See 

subclause A.2) 


ETSI-SIP- 

Authorization 

(note) 


C 


This information element shall be present under the conditions specified in 
draft-ietf-aaa-diameter-sip-app-10 [3]. See subclause A.2. 


NOTE: An "ETSI-" prefix is added to the ETSI vendor-specific AVP which have an equivalent AVP being defined in 
draft-ietf-aaa-diameter-sip-app-1 [3]. 
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Table ZA.1.2: Authentication Data content - Response for HTTP Digest Authientication 



Information 
element name 


Mapping to 

Diameter 

AVP 


Cat. 


Description 


Authentication 

Scheme 
(See 7.9.2 of [1]) 


SIP- 

Authentication 

-Scheme 


M 


This information element indicates the authentication scheme. It shall 
contain ■'HTTP_DIGEST_MD5". 


ETSI Authentication 

Information 
(See subclause A.2) 


ETSI-SIP- 

Authenticate 

(note1) 


M 


See subclause A.2. 


ETSI-Authentication 

Info Information 
(See subclause A.2) 


ETSI-SIP- 

Authentication 

-Info 

(note 1) 





See subclause A.2. 


NOTE 1 : An "ETSI-" prefix is added to the ETSI vendor-specific AVP which have an equivalent AVP being defined 

in draft-ietf-aaa-diameter-sip-app-10 [3]. 
NOTE 2: HTTP Digest authentication requires the generation of a nonce in either the UPSF or the S-CSCF. In this 

version of the specification the UPSF shall generate nonces and the S-CSCF shall not generate nonces, 

as part of the HTTP Digest authentication process. 



ZA.2 Diameter protocol extensions supporting HTTP 
Digest authentication 

The following table describes the Diameter AVPs defined for the Cx interface protocol in support of HTTP Digest, their 
AVP Code values, types, possible flag values and whether or not the AVP may be encrypted. The Vendor-Id header of 
all AVPs defined in this specification shall be set to ETSI (13019). 

Table ZA.2.1 : Diameter IVIultimedia Application AVPs for HTTP Digest 











AVP Flag rules 




Attribute Name 


AVP 
Code 


Section 
defined 


Value Type 


Must 


May 


Should 
not 


Must 
not 


May Encr. 


ETSI-SIP-Authenticate 


501 


- 


Grouped 


V 






M 


No 


ETSI-SIP-Authorization 


502 


- 


Grouped 


V 






M 


No 


ETSI-SIP-Authentication-lnfo 


503 


- 


Grouped 


V 






M 


No 


ETSI-Digest-Realm 


504 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Nonce 


505 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Domain 


506 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Opaque 


507 


- 


UTF8String 


V 






M 


No 


ETSI-Digest-Stale 


508 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Algorithm 


509 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-QoP 


510 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-HA1 


511 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Auth-Param 


512 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Username 


513 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-URI 


514 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Response 


515 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-CNonce 


516 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Nonce-Count 


517 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Method 


518 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Entity-Body-Hash 


519 


- 


UTFSString 


V 






M 


No 


ETSI-Digest-Nextnonce 


520 


- 


UTFSString 


V 






M 


No 


ETSI-Dlgest-Response-Auth 


521 


- 


UTFSString 


V 






M 


No 


NOTE 1 : The AVP header bit denoted as 'M', indicates whether support of the AVP is required. The AVP header 
bit denoted as 'V, indicates whether the optional Vendor-ID field is present in the AVP header. For 
further details, see IETF RFC 3588 [5]. 

NOTE 2: Depending on the concrete command. 
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The SIP-Auth-Data-Item AVP is modified compared to 3GPP TS 29.229 [21 as follows: 

The SIP-Auth-Data-Item is of type Grouped, and contains the authentication and/or authorization information for the 
Diameter client. 

AVP format 

SIP-Auth-Data-Item :: = < AVP Header : 612 10415 > 

[ SIP-Item-Number ] 

[ SIP-Authentication-Scheme ] 

[ SIP-Authenticate ] 

[ SIP-Authorization ] 

[ SIP-Authentication-Context ] 

[Confidentiality-Key] 

[Integrity-Key] 

[ ETSI-SIP-Authorization ] 

[ ETSI-SIP-Authenticate ] 



ETSI-SIP-Authentication-Info 



*[AVP] 

Add the following AVP syntax: 

The ETSI-SIP-Authenticate is of type Grouped, and contains a reconstruction of either the SIP WWW- Authenticate or 
Proxy-Authentication header fields specified in RFC 2617 [4]. Additionally, the AVP may include a Digest-HAl AVP 
that contains H(A1) (as defined in RFC 2617 [4]). 

AVP format 

ETSI-SIP-Authenticate ::= < AVP Header: 501 13019 > 

{ ETSI-Digest-Realm } 

{ ETSI-Digest-Nonce } 

[ ETSI-Digest-Domain ] 

[ ETSI-Digest-Opaque ] 

[ ETSI-Digest-Stale ] 

[ ETSI-Digest-Algorithm ] 

[ ETSI-Digest-QoP ] 

[ ETSI-Digest-HAl] 

*[ ETSI-Digest-Auth-Param ] 

*[ AVP ] 

The ETSI-SIP-Authorization is of type Grouped, and contains a reconstruction of either the SIP Authorization or Proxy- 
Authorization header fields specified in RFC 2617 [4]. 
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AVP format 

ETSI-SIP-Authorization :: = < AVP Header : 502 13019 > 

{ ETSI-Digest-Username } 

{ ETSI-Digest-Realm } 

{ ETSI-Digest-Nonce } 

{ ETSI-Digest-URI } 

{ ETSI-Digest-Response } 

[ ETSI-Digest-Algorithm ] 

[ ETSI-Digest-CNonce ] 

[ ETSI-Digest-Opaque ] 

[ ETSI-Digest-QoP ] 

[ ETSI-Digest-Nonce-Count ] 

[ ETSI-Digest-Method ] 

[ ETSI-Digest-Entity-Body-Hash ] 

*[ ETSI-Digest-Auth-Param ] 

* [AVP] 

The ETSI-SIP- Authentication-Info AVP is of type Grouped and contains a reconstruction of the SIP Authentication- 
Info header specified in RFC 2617 [4]. 

AVP format 

ETSI-SIP-Authentication-Info ::= < AVP Header: 503 13019 > 

{ ETSI-Digest-Nextnonce } 

[ ETSI-Digest-QoP ] 

[ ETSI-Digest-Response-Auth ] 

[ ETSI-Digest-CNonce ] 

[ ETSI-Digest-Nonce-Count ] 

*[ AVP ] 

ZA.3 Additional Cx feature in support of HTTP Digest 
authentication 

This feature is applicable for any command pair affected by NGN extensions for HTTP Digest authentication. 

When the S-CSCF and the UPSF support this feature, both nodes are able to handle Cx messages with the extensions 
and/or modifications for HTTP Digest authentication. 

See table 7.1.1 in the present endorsement of [2]. 
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